πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ 'No-Party' Data Architectures Promise More Control, Better Security πŸ•΄

Consumers gain control of their data while companies build better relationships with their customers β€” but third-party ad-tech firms will likely continue to stand in the way.

πŸ“– Read

via "Dark Reading".
Dark Reading
'No-Party' Data Architectures Promise More Control, Better Security
Consumers gain control of their data while companies build better relationships with their customers β€” but third-party ad-tech firms will likely continue to stand in the way.
208 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ How DevSecOps Empowers Citizen Developers πŸ•΄

DevSecOps can help overcome inheritance mentality, especially in low- and no-code environments.

πŸ“– Read

via "Dark Reading".
Dark Reading
How DevSecOps Empowers Citizen Developers
DevSecOps can help overcome inheritance mentality, especially in low- and no-code environments.
184 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36678 β€Ό

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

πŸ“– Read

via "National Vulnerability Database".
164 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-37152 β€Ό

An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=save_client"

πŸ“– Read

via "National Vulnerability Database".
158 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36680 β€Ό

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.

πŸ“– Read

via "National Vulnerability Database".
155 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-37151 β€Ό

There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0.

πŸ“– Read

via "National Vulnerability Database".
143 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-39393 β€Ό

mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor.

πŸ“– Read

via "National Vulnerability Database".
146 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36683 β€Ό

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_payment.

πŸ“– Read

via "National Vulnerability Database".
144 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36682 β€Ό

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_student.

πŸ“– Read

via "National Vulnerability Database".
154 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-40285 β€Ό

htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php.

πŸ“– Read

via "National Vulnerability Database".
153 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-39394 β€Ό

mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.

πŸ“– Read

via "National Vulnerability Database".
173 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36679 β€Ό

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user.

πŸ“– Read

via "National Vulnerability Database".
218 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36681 β€Ό

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account.

πŸ“– Read

via "National Vulnerability Database".
228 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-37150 β€Ό

An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via firstname, address, middlename, lastname , gender, email, contact parameters.

πŸ“– Read

via "National Vulnerability Database".
238 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text] ⚠

Latest episode - listen now! (Or read the transcript if you prefer the text version.)

πŸ“– Read

via "Naked Security".
Naked Security
S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]
Latest episode – listen now! (Or read the transcript if you prefer the text version.)
257 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-36521 β€Ό

Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts.

πŸ“– Read

via "National Vulnerability Database".
220 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Firefox 104 is out – no critical bugs, but update anyway ⚠

Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.

πŸ“– Read

via "Naked Security".
Sophos News
Naked Security – Sophos News
215 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ 'Sliver' Emerges as Cobalt Strike Alternative for Malicious C2 πŸ•΄

Microsoft and others say they have observed nation-state actors, ransomware purveyors, and assorted cybercriminals pivoting to an open source attack-emulation tool in recent campaigns.

πŸ“– Read

via "Dark Reading".
Dark Reading
'Sliver' Emerges as Cobalt Strike Alternative for Malicious C2
Microsoft and others say they have observed nation-state actors, ransomware purveyors, and assorted cybercriminals pivoting to an open source attack-emulation tool in recent campaigns.
214 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Ransomware Attacks are on the Rise ❌

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

πŸ“– Read

via "Threat Post".
Threat Post
Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
204 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ” Friday Five 8/26 πŸ”

Read about why Twitter is coming under fire, how a cybersecurity organization may have gone on the offensive, possible big changes coming for software vendors, and much more in this week’s Friday Five!


πŸ“– Read

via "".
202 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ Snapchat settles for $35 million in Illinois biometrics lawsuit πŸ“’

The social media giant had been accused of improperly collecting, storing facial geometry in violation of state legislation

πŸ“– Read

via "ITPro".
IT PRO
Snapchat settles for $35 million in Illinois biometrics lawsuit | IT PRO
The social media giant had been accused of improperly collecting, storing facial geometry in violation of state legislation
179 views